diff --git a/chartpress.yaml b/chartpress.yaml index 05c56209..df170850 100644 --- a/chartpress.yaml +++ b/chartpress.yaml @@ -42,7 +42,7 @@ charts: valuesPath: osmSimpleMetrics.image changeset-replication-job: valuesPath: changesetReplicationJob.image - osmcha: - valuesPath: osmcha.image + osmcha-web: + valuesPath: osmchaWeb.image osmcha-db: valuesPath: osmchaDb.image diff --git a/compose/osmcha.yml b/compose/osmcha.yml index 20280fdc..5a1ae4e6 100644 --- a/compose/osmcha.yml +++ b/compose/osmcha.yml @@ -16,7 +16,7 @@ services: platform: linux/amd64 image: osmseed-osmcha-web:v1 build: - context: ../images/osmcha + context: ../images/osmcha-web dockerfile: Dockerfile ports: - '8000:8000' diff --git a/images/osmcha/Dockerfile b/images/osmcha-web/Dockerfile similarity index 100% rename from images/osmcha/Dockerfile rename to images/osmcha-web/Dockerfile diff --git a/images/osmcha/README.md b/images/osmcha-web/README.md similarity index 100% rename from images/osmcha/README.md rename to images/osmcha-web/README.md diff --git a/images/osmcha/start.sh b/images/osmcha-web/start.sh similarity index 100% rename from images/osmcha/start.sh rename to images/osmcha-web/start.sh diff --git a/osm-seed/templates/osmcha-db/osmcha-db-statefulset.yaml b/osm-seed/templates/osmcha-db/osmcha-db-statefulset.yaml index c56645b0..81d1fe78 100644 --- a/osm-seed/templates/osmcha-db/osmcha-db-statefulset.yaml +++ b/osm-seed/templates/osmcha-db/osmcha-db-statefulset.yaml @@ -43,16 +43,6 @@ spec: value: {{ default "postgres" .Values.osmchaDb.env.POSTGRES_USER | quote }} - name: PGDATA value: {{ .Values.osmchaDb.persistenceDisk.mountPath }} - - name: POSTGRES_DB_MAX_CONNECTIONS - value: {{ default 100 .Values.osmchaDb.env.POSTGRES_DB_MAX_CONNECTIONS | quote }} - - name: POSTGRES_DB_SHARED_BUFFERS - value: {{ default "128MB" .Values.osmchaDb.env.POSTGRES_DB_SHARED_BUFFERS | quote }} - - name: POSTGRES_DB_WORK_MEM - value: {{ default "4MB" .Values.osmchaDb.env.POSTGRES_DB_WORK_MEM | quote }} - - name: POSTGRES_DB_MAINTENANCE_WORK_MEM - value: {{ default "64MB" .Values.osmchaDb.env.POSTGRES_DB_MAINTENANCE_WORK_MEM | quote }} - - name: POSTGRES_DB_EFFECTIVE_CACHE_SIZE - value: {{ default "4GB" .Values.osmchaDb.env.POSTGRES_DB_EFFECTIVE_CACHE_SIZE | quote }} - name: POD_IP valueFrom: { fieldRef: { fieldPath: status.podIP } } livenessProbe: diff --git a/osm-seed/templates/osmcha-web/osmch-web-deployment.yaml b/osm-seed/templates/osmcha-web/osmch-web-deployment.yaml new file mode 100644 index 00000000..1f98ba7f --- /dev/null +++ b/osm-seed/templates/osmcha-web/osmch-web-deployment.yaml @@ -0,0 +1,104 @@ +{{- if .Values.osmchaWeb.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "osm-seed.fullname" . }}-osmcha-web + labels: + app: {{ template "osm-seed.name" . }} + component: osmcha-web-deployment + environment: {{ .Values.environment }} + release: {{ .Release.Name }} +spec: + replicas: {{ .Values.osmchaWeb.replicaCount }} + selector: + matchLabels: + app: {{ template "osm-seed.name" . }} + release: {{ .Release.Name }} + run: {{ .Release.Name }}-osmcha-web + template: + metadata: + labels: + app: {{ template "osm-seed.name" . }} + release: {{ .Release.Name }} + run: {{ .Release.Name }}-osmcha-web + spec: + containers: + - name: {{ .Chart.Name }}-osmcha-web + image: "{{ .Values.osmchaWeb.image.name }}:{{ .Values.osmchaWeb.image.tag }}" + ports: + - name: http + containerPort: 8000 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: 8000 + initialDelaySeconds: 600 # 10 min, because the compile process takes time. + timeoutSeconds: 30 + {{- if .Values.osmchaWeb.resources.enabled }} + resources: + requests: + memory: {{ .Values.osmchaWeb.resources.requests.memory }} + cpu: {{ .Values.osmchaWeb.resources.requests.cpu }} + limits: + memory: {{ .Values.osmchaWeb.resources.limits.memory }} + cpu: {{ .Values.osmchaWeb.resources.limits.cpu }} + {{- end }} + env: + - name: POSTGRES_USER + value: {{.Value.osmchaDb.env.POSTGRES_USER | quote }} + - name: POSTGRES_PASSWORD + value: {{.Value.osmchaDb.env.POSTGRES_PASSWORD | quote }} + - name: PGHOST + value: {{.Value.osmchaDb.env.PGHOST | quote }} + - name: DJANGO_CACHES + value: {{.Value.osmchaWeb.env.DJANGO_CACHES | quote }} + - name: DJANGO_DEBUG + value: {{.Value.osmchaWeb.env.DJANGO_DEBUG | quote }} + - name: DJANGO_SECRET_KEY + value: {{.Value.osmchaWeb.env.DJANGO_SECRET_KEY | quote }} + - name: DJANGO_SECURE_BROWSER_XSS_FILTER + value: {{.Value.osmchaWeb.env.DJANGO_SECURE_BROWSER_XSS_FILTER | quote }} + - name: DJANGO_SECURE_SSL_REDIRECT + value: {{.Value.osmchaWeb.env.DJANGO_SECURE_SSL_REDIRECT | quote }} + - name: DJANGO_SECURE_CONTENT_TYPE_NOSNIFF + value: {{.Value.osmchaWeb.env.DJANGO_SECURE_CONTENT_TYPE_NOSNIFF | quote }} + - name: DJANGO_SECURE_FRAME_DENY + value: {{.Value.osmchaWeb.env.DJANGO_SECURE_FRAME_DENY | quote }} + - name: DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS + value: {{.Value.osmchaWeb.env.DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS | quote }} + - name: DJANGO_SESSION_COOKIE_HTTPONLY + value: {{.Value.osmchaWeb.env.DJANGO_SESSION_COOKIE_HTTPONLY | quote }} + - name: DJANGO_SESSION_COOKIE_SECURE + value: {{.Value.osmchaWeb.env.DJANGO_SESSION_COOKIE_SECURE | quote }} + - name: DJANGO_DEFAULT_FROM_EMAIL + value: {{.Value.osmchaWeb.env.DJANGO_DEFAULT_FROM_EMAIL | quote }} + - name: DJANGO_SERVER_EMAIL + value: {{.Value.osmchaWeb.env.DJANGO_SERVER_EMAIL | quote }} + - name: DJANGO_EMAIL_SUBJECT_PREFIX + value: {{.Value.osmchaWeb.env.DJANGO_EMAIL_SUBJECT_PREFIX | quote }} + - name: DJANGO_CHANGESETS_FILTER + value: {{.Value.osmchaWeb.env.DJANGO_CHANGESETS_FILTER | quote }} + - name: OAUTH_OSM_KEY + value: {{.Value.osmchaWeb.env.OAUTH_OSM_KEY | quote }} + - name: OAUTH_OSM_SECRET + value: {{.Value.osmchaWeb.env.OAUTH_OSM_SECRET | quote }} + - name: DJANGO_ANON_USER_THROTTLE_RATE + value: {{.Value.osmchaWeb.env.DJANGO_ANON_USER_THROTTLE_RATE | quote }} + - name: DJANGO_COMMON_USER_THROTTLE_RATE + value: {{.Value.osmchaWeb.env.DJANGO_COMMON_USER_THROTTLE_RATE | quote }} + - name: DJANGO_NON_STAFF_USER_THROTTLE_RATE + value: {{.Value.osmchaWeb.env.DJANGO_NON_STAFF_USER_THROTTLE_RATE | quote }} + - name: OAUTH_REDIRECT_URI + value: {{.Value.osmchaWeb.env.OAUTH_REDIRECT_URI | quote }} + - name: OSMCHA_FRONTEND_VERSION + value: {{.Value.osmchaWeb.env.OSMCHA_FRONTEND_VERSION | quote }} + - name: DJANGO_ENABLE_CHANGESET_COMMENTS + value: {{.Value.osmchaWeb.env.DJANGO_ENABLE_CHANGESET_COMMENTS | quote }} + - name: DJANGO_OSM_COMMENTS_API_KEY + value: {{.Value.osmchaWeb.env.DJANGO_OSM_COMMENTS_API_KEY | quote }} + {{- if .Values.osmchaWeb.nodeSelector.enabled }} + nodeSelector: + {{ .Values.osmchaWeb.nodeSelector.label_key }} : {{ .Values.osmchaWeb.nodeSelector.label_value }} + {{- end }} +{{- end }} diff --git a/osm-seed/templates/osmcha-web/osmch-web-ingress.yaml b/osm-seed/templates/osmcha-web/osmch-web-ingress.yaml new file mode 100644 index 00000000..cf2df4bc --- /dev/null +++ b/osm-seed/templates/osmcha-web/osmch-web-ingress.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.osmchaWeb.enabled (eq .Values.serviceType "ClusterIP") }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ template "osm-seed.fullname" . }}-ingress-osmcha-web + annotations: + kubernetes.io/ingress.class: nginx + cert-manager.io/cluster-issuer: letsencrypt-prod-issuer +spec: + tls: + - hosts: + - osmcha.{{ .Values.domain }} + secretName: {{ template "osm-seed.fullname" . }}-secret-osmcha + + rules: + - host: osmcha.{{ .Values.domain }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ template "osm-seed.fullname" . }}-osmcha-web + port: + number: 80 +{{- end }} \ No newline at end of file diff --git a/osm-seed/templates/osmcha-web/osmch-web-service.yaml b/osm-seed/templates/osmcha-web/osmch-web-service.yaml new file mode 100644 index 00000000..24c62053 --- /dev/null +++ b/osm-seed/templates/osmcha-web/osmch-web-service.yaml @@ -0,0 +1,43 @@ +{{- if .Values.osmchaWeb.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "osm-seed.fullname" . }}-osmcha-web + labels: + app: {{ template "osm-seed.name" . }} + component: osmcha-web-service + environment: {{ .Values.environment }} + release: {{ .Release.Name }} + annotations: + {{- if and (eq .Values.serviceType "LoadBalancer") .Values.AWS_SSL_ARN }} + service.beta.kubernetes.io/aws-load-balancer-ssl-cert: {{ .Values.AWS_SSL_ARN }} + service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http + service.beta.kubernetes.io/aws-load-balancer-ssl-ports: https + {{- end }} + {{- if eq .Values.serviceType "ClusterIP" }} + kubernetes.io/ingress.class: nginx + cert-manager.io/cluster-issuer: letsencrypt-prod-issuer + {{- else }} + fake.annotation: fake + {{- end }} + {{- with .Values.osmchaWeb.serviceAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.serviceType }} + ports: + - port: 80 + targetPort: 8000 + protocol: TCP + name: http + {{- if and (eq .Values.serviceType "LoadBalancer") .Values.AWS_SSL_ARN }} + - port: 443 + targetPort: 8000 + protocol: TCP + name: https + {{- end }} + selector: + app: {{ template "osm-seed.name" . }} + release: {{ .Release.Name }} + run: {{ .Release.Name }}-osmcha-web +{{- end }} \ No newline at end of file diff --git a/osm-seed/values.yaml b/osm-seed/values.yaml index c16f5fd8..f0547d6d 100644 --- a/osm-seed/values.yaml +++ b/osm-seed/values.yaml @@ -721,11 +721,35 @@ changesetReplicationJob: # ==================================================================================================== # Variables for changeset-replication-job, Configuration to create the replication files by, minute, hour, or day # ==================================================================================================== -osmcha: +osmchaWeb: enabled: false image: name: '' tag: '' + env: + DJANGO_CACHES: xyz + DJANGO_DEBUG: xyz + DJANGO_SECRET_KEY: xyz + DJANGO_SECURE_BROWSER_XSS_FILTER: xyz + DJANGO_SECURE_SSL_REDIRECT: xyz + DJANGO_SECURE_CONTENT_TYPE_NOSNIFF: xyz + DJANGO_SECURE_FRAME_DENY: xyz + DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS: xyz + DJANGO_SESSION_COOKIE_HTTPONLY: xyz + DJANGO_SESSION_COOKIE_SECURE: xyz + DJANGO_DEFAULT_FROM_EMAIL: xyz + DJANGO_SERVER_EMAIL: xyz + DJANGO_EMAIL_SUBJECT_PREFIX: xyz + DJANGO_CHANGESETS_FILTER: xyz + OAUTH_OSM_KEY: xyz + OAUTH_OSM_SECRET: xyz + DJANGO_ANON_USER_THROTTLE_RATE: xyz + DJANGO_COMMON_USER_THROTTLE_RATE: xyz + DJANGO_NON_STAFF_USER_THROTTLE_RATE: xyz + OAUTH_REDIRECT_URI: xyz + OSMCHA_FRONTEND_VERSION: xyz + DJANGO_ENABLE_CHANGESET_COMMENTS: xyz + DJANGO_OSM_COMMENTS_API_KEY: xyz resources: enabled: false requests: @@ -737,7 +761,6 @@ osmcha: nodeSelector: enabled: false - # ==================================================================================================== # Variables for changeset-replication-job, Configuration to create the replication files by, minute, hour, or day # ==================================================================================================== @@ -763,13 +786,13 @@ osmchaDb: accessMode: ReadWriteOnce mountPath: /var/lib/postgresql/data # Minikube - localVolumeHostPath: /mnt/overpass-api-db-data + localVolumeHostPath: /mnt/db-data/osmcha-data localVolumeSize: 10Gi # AWS AWS_ElasticBlockStore_volumeID: vol-1234bcd AWS_ElasticBlockStore_size: 50Gi # GCP - GCP_gcePersistentDisk_pdName: osmseed-disk-overpass-v1 + GCP_gcePersistentDisk_pdName: osmseed-osmcha-disk--v1 GCP_gcePersistentDisk_size: 50Gi nodeSelector: enabled: false